Category Archives: Backdoors

Do you know what a backdoor is? It is the kind of malware that opens a clear path for cyber attackers to do whatever they want. Datper is that kind of malware. It is the descendant of Daserf, which is another backdoor that was re-written in Delphi after being initially coded in Visual C. The newer backdoor is also Delphi-coded. Needless to say, they are similar. Unfortunately, these backdoors are not used on their own, although they do have some functionality. Instead, the attackers behind them are also employing other malicious threats. ...

Backdoor.Athena is a backdoor Trojan usually described as a “beacon loader.” According to documents leaked by WikiLeaks, this malicious application was developed by the CIA in cooperation with Siege Technologies. The company is based in New Hampshire, U.S., and presents itself as “an advanced research and development company” that focuses on developing “offensive and defensive cyber security technologies.” Even though technical documents related to Backdoor.Athena have become public only recently, they are dated between September 2015 and February 2016, which is a clear sign that Backdoor.Athena has been active since 2015. ...

Ghostadmin, also known as Backdoor.GhostAdmin, is a dangerous threat used by cyber criminals to record all kinds of details about users and spread malicious software. It was discovered by malware analysts recently (on the 17th of January, 2017), and it has managed to affect only a small number of users so far. Unfortunately, it seems that two of these victims are big companies storing hundreds of gigabytes of extremely valuable information on their computers. According to experienced cyber security specialists, this is just the start, because Ghostadmin seems to be a reworked version of the well-known malware CrimeScene, which was prevalent several years ago. ...

Research shows that Backdoor.andromeda is still active, as the malware’s creators continue to distribute it through different malicious web pages. This infection is extremely dangerous since it might not only help cyber criminals gain remote access to the system but also give them the ability to use your computer for malicious activities. Needless to say, if it manages to enter the system, removing this threat should be your top priority. Below the article, you will find our recommended deletion steps, but you should use them only if you have experience with similar threats and know what you are doing. ...

Ploutus is the name of sophisticated malware that was first detected by security specialists in 2013. It affected a number of ATMs in Mexico back then, so it is considered extremely dangerous. Fortunately, it seems that it is no longer widely employed by crooks these days. Sadly, this does not mean that administrators of ATMs can perform a happy dance: the entire situation might change dramatically soon, because a new version of this dangerous malicious application has been developed recently, meaning that Ploutus is back! Since it works slightly differently this time, it has received a new name: Ploutus-D. ...

Backdoor.teamviewer is a dangerous threat if it finds a way to slither onto your system without your knowledge. This backdoor application can pose a major threat to your computer and your privacy as well. It is quite likely that you would not even realize that this backdoor is on board even if you find TeamViewer on your system and do not recall installing it. It is vital to understand how this severe threat can appear on your computer so that you can protect it from similar attacks. The most important thing to know right now is that you should delete Backdoor.teamviewer the moment you realize it is on board. ...

Backdoor.Mivast is categorized as a backdoor Trojan, an infection that enables cybercriminals to access or control a compromised computer. We advise that you remove this threat the moment you notice it being active on your machine. Sometimes computer users notice Trojans when it is already too late; to prevent such cases, we recommend that you install reliable automatic antimalware software on your system. ...

Many users become victims of malvertising these days. You might have also become one of them without even knowing it. This is especially true if Backdoor.Bedep is present on your computer. Yes, you have understood correctly: Backdoor.Bedep uses a Flash Player exploit in order to enter your system. In fact, it might be enough to click on a single malicious advertisement, which might appear on different websites, to allow Backdoor.Bedep to enter the system. As it is a serious computer infection, it is very important to delete Backdoor.Bedep as quickly as possible. It is impossible to get rid of it via Control Panel, so you should not expect to erase it easily. ...

Backdoor.Bot.ED is a highly dangerous Trojan horse which runs as a backdoor program enabling remote attackers to gain access to the compromised system. Backdoor.Bot.ED spreads over the Internet via phishing emails, and our researchers have found that the malicious program is distributed by email with the subject line "Order invoice 9156230_08.xls". If you have not ordered anything and receive a similar letter, ...

Caphaw is a backdoor Trojan which can also be identified as Backdoor.SkypeCaphaw or Shylock. This malicious threat, active since 2011, can enter the system illegally, without any identification, and connect to the Internet without permission as well. What is worse is that this threat automatically starts with Windows and runs silently, which is why its activity often remains undetected. ...